--- loncom/lonnet/perl/lonnet.pm 2020/09/08 02:08:27 1.1172.2.118.2.7
+++ loncom/lonnet/perl/lonnet.pm 2021/06/20 18:54:07 1.1172.2.118.2.20
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1172.2.118.2.7 2020/09/08 02:08:27 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.118.2.20 2021/06/20 18:54:07 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -125,12 +125,13 @@ our @EXPORT = qw(%env);
$logid ++;
my $now = time();
my $id=$now.'00000'.$$.'00000'.$logid;
+ my $ip = &get_requestor_ip();
my $logentry = {
$id => {
'exe_uname' => $env{'user.name'},
'exe_udom' => $env{'user.domain'},
'exe_time' => $now,
- 'exe_ip' => $ENV{'REMOTE_ADDR'},
+ 'exe_ip' => $ip,
'delflag' => $delflag,
'logentry' => $storehash,
'uname' => $uname,
@@ -1082,6 +1083,21 @@ sub check_for_balancer_cookie {
return ($otherserver,$cookie);
}
+sub updatebalcookie {
+ my ($cookie,$balancer,$lastentry)=@_;
+ if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
+ my ($udom,$uname) = ($1,$2);
+ my $uprimary_id = &domain($udom,'primary');
+ my $uintdom = &internet_dom($uprimary_id);
+ my $intdom = &internet_dom($balancer);
+ my $serverhomedom = &host_domain($balancer);
+ if (($uintdom ne '') && ($uintdom eq $intdom)) {
+ return &reply('updatebalcookie:'.&escape($cookie).':'.&escape($lastentry),$balancer);
+ }
+ }
+ return;
+}
+
sub delbalcookie {
my ($cookie,$balancer) =@_;
if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
@@ -1091,7 +1107,7 @@ sub delbalcookie {
my $intdom = &internet_dom($balancer);
my $serverhomedom = &host_domain($balancer);
if (($uintdom ne '') && ($uintdom eq $intdom)) {
- return &reply("delbalcookie:$cookie",$balancer);
+ return &reply('delbalcookie:'.&escape($cookie),$balancer);
}
}
}
@@ -1360,6 +1376,15 @@ sub spare_can_host {
$canhost = 0;
}
}
+ if ($canhost) {
+ if (ref($defdomdefaults{'offloadoth'}) eq 'HASH') {
+ if ($defdomdefaults{'offloadoth'}{$try_server}) {
+ unless (&shared_institution($udom,$try_server)) {
+ $canhost = 0;
+ }
+ }
+ }
+ }
if (($canhost) && ($uint_dom)) {
my @intdoms;
my $internet_names = &get_internet_names($try_server);
@@ -1578,7 +1603,7 @@ sub check_loadbalancing {
if ($domneedscache) {
&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}
- if ($is_balancer) {
+ if (($is_balancer) && ($caller ne 'switchserver')) {
my $lowest_load = 30000;
if (ref($offloadto) eq 'HASH') {
if (ref($offloadto->{'primary'}) eq 'ARRAY') {
@@ -1618,9 +1643,9 @@ sub check_loadbalancing {
}
}
}
- unless ($homeintdom) {
- undef($setcookie);
- }
+ }
+ if (($is_balancer) && (!$homeintdom)) {
+ undef($setcookie);
}
return ($is_balancer,$otherserver,$setcookie);
}
@@ -1874,10 +1899,19 @@ sub get_dom {
}
if ($udom && $uhome && ($uhome ne 'no_host')) {
my $rep;
- if ($namespace =~ /^enc/) {
- $rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
+ if (grep { $_ eq $uhome } ¤t_machine_ids()) {
+ # domain information is hosted on this machine
+ my $cmd = 'getdom';
+ if ($namespace =~ /^enc/) {
+ $cmd = 'egetdom';
+ }
+ $rep = &LONCAPA::Lond::get_dom("$cmd:$udom:$namespace:$items");
} else {
- $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
+ if ($namespace =~ /^enc/) {
+ $rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
+ } else {
+ $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
+ }
}
my %returnhash;
if ($rep eq '' || $rep =~ /^error: 2 /) {
@@ -2409,6 +2443,9 @@ sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
}
+ if (ref($domconfig{'usersessions'}{'offloadoth'}) eq 'HASH') {
+ $domdefaults{'offloadoth'} = $domconfig{'usersessions'}{'offloadoth'};
+ }
}
if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
@@ -3748,6 +3785,10 @@ sub clean_filename {
# Replace all .\d. sequences with _\d. so they no longer look like version
# numbers
$fname=~s/\.(\d+)(?=\.)/_$1/g;
+# Replace three or more adjacent underscores with one for consistency
+# with loncfile::filename_check() so complete url can be extracted by
+# lonnet::decode_symb()
+ $fname=~s/_{3,}/_/g;
return $fname;
}
@@ -4718,7 +4759,11 @@ sub courseacclog {
if ($formitem =~ /^HWFILE(?:SIZE|TOOBIG)/) {
$what.=':'.$formitem.'='.$env{$key};
} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {
- $what.=':'.$formitem.'='.$env{$key};
+ if ($formitem eq 'proctorpassword') {
+ $what.=':'.$formitem.'=' . '*' x length($env{$key});
+ } else {
+ $what.=':'.$formitem.'='.$env{$key};
+ }
}
}
}
@@ -5550,13 +5595,14 @@ sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;
my $lonhost=$perlvar{'lonHostID'};
+ my $ip = &get_requestor_ip();
my $infostr=&escape(
'CHECKOUTTOKEN&'.
$tuname.'&'.
$tudom.'&'.
$tcrsid.'&'.
$symb.'&'.
- $now.'&'.$ENV{'REMOTE_ADDR'});
+ $now.'&'.$ip);
my $token=&reply('tmpput:'.$infostr,$lonhost);
if ($token=~/^error\:/) {
&logthis("<font color=\"blue\">WARNING: ".
@@ -5570,7 +5616,7 @@ sub checkout {
my %infohash=('resource.0.outtoken' => $token,
'resource.0.checkouttime' => $now,
- 'resource.0.outremote' => $ENV{'REMOTE_ADDR'});
+ 'resource.0.outremote' => $ip);
unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
@@ -5601,6 +5647,7 @@ sub checkin {
$lonhost=~tr/A-Z/a-z/;
my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
$dtoken=~s/\W/\_/g;
+ my $ip = &get_requestor_ip();
my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));
@@ -5617,7 +5664,7 @@ sub checkin {
my %infohash=('resource.0.intoken' => $token,
'resource.0.checkintime' => $now,
- 'resource.0.inremote' => $ENV{'REMOTE_ADDR'});
+ 'resource.0.inremote' => $ip);
unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
@@ -5885,7 +5932,7 @@ sub tmpreset {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my $path=LONCAPA::tempdir();
my %hash;
@@ -5922,7 +5969,7 @@ sub tmpstore {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my $now=time;
my %hash;
@@ -5966,7 +6013,7 @@ sub tmprestore {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my %returnhash;
$namespace=~s/\//\_/g;
@@ -6022,7 +6069,7 @@ sub store {
}
if (!$home) { $home=$env{'user.home'}; }
- $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};
my $namevalue='';
@@ -6058,7 +6105,7 @@ sub cstore {
}
if (!$home) { $home=$env{'user.home'}; }
- $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};
my $namevalue='';
@@ -7050,7 +7097,8 @@ sub putstore {
foreach my $key (keys(%{$storehash})) {
$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
}
- $namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
+ my $ip = &get_requestor_ip();
+ $namevalue .= 'ip='.&escape($ip).
'&host='.&escape($perlvar{'lonHostID'}).
'&version='.$esc_v.
'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
@@ -7831,7 +7879,7 @@ sub customaccess {
# ------------------------------------------------- Check for a user privilege
sub allowed {
- my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
+ my ($priv,$uri,$symb,$role,$clientip,$noblockcheck,$ignorecache)=@_;
my $ver_orguri=$uri;
$uri=&deversion($uri);
my $orguri=$uri;
@@ -7848,7 +7896,7 @@ sub allowed {
if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources
- if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|ext\.tool)$}))
+ if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|viewclasslist|aboutme|ext\.tool)$}))
|| (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) ))
&& ($priv eq 'bre')) {
return 'F';
@@ -8056,7 +8104,7 @@ sub allowed {
if ($noblockcheck) {
$thisallowed.=$value;
} else {
- my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8076,7 +8124,7 @@ sub allowed {
if ($noblockcheck) {
$thisallowed='F';
} else {
- my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8095,7 +8143,7 @@ sub allowed {
&& &is_portfolio_url($uri)) {
$thisallowed = &portfolio_access($uri,$clientip);
}
-
+
# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {
return 'F';
@@ -8149,7 +8197,7 @@ sub allowed {
if ($noblockcheck) {
$thisallowed.=$value;
} else {
- my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8162,7 +8210,7 @@ sub allowed {
$checkreferer=0;
}
}
-
+
if ($checkreferer) {
my $refuri=$env{'httpref.'.$orguri};
unless ($refuri) {
@@ -8191,7 +8239,7 @@ sub allowed {
if ($noblockcheck) {
$thisallowed.=$value;
} else {
- my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8277,7 +8325,7 @@ sub allowed {
}
}
}
-
+
#
# Rest of the restrictions depend on selected course
#
@@ -8435,22 +8483,27 @@ sub constructaccess {
#
# User for whom data are being temporarily cached.
my $cacheduser='';
+# Course for which data are being temporarily cached.
+my $cachedcid='';
# Cached blockers for this user (a hash of blocking items).
my %cachedblockers=();
# When the data were last cached.
my $cachedlast='';
sub load_all_blockers {
- my ($uname,$udom,$blocks)=@_;
+ my ($uname,$udom)=@_;
if (($uname ne '') && ($udom ne '')) {
if (($cacheduser eq $uname.':'.$udom) &&
+ ($cachedcid eq $env{'request.course.id'}) &&
(abs($cachedlast-time)<5)) {
return;
}
}
$cachedlast=time;
$cacheduser=$uname.':'.$udom;
- %cachedblockers = &get_commblock_resources($blocks);
+ $cachedcid=$env{'request.course.id'};
+ %cachedblockers = &get_commblock_resources();
+ return;
}
sub get_comm_blocks {
@@ -8530,14 +8583,23 @@ sub get_commblock_resources {
if ($mapsymb) {
if (ref($navmap)) {
my $mapres = $navmap->getBySymb($mapsymb);
- @to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
- foreach my $res (@to_test) {
- my $symb = $res->symb();
- next if ($symb eq $mapsymb);
- if ($symb ne '') {
- @interval=&EXT("resource.0.interval",$symb);
- if ($interval[1] eq 'map') {
- last;
+ if (ref($mapres)) {
+ my $first = $mapres->map_start();
+ my $finish = $mapres->map_finish();
+ my $it = $navmap->getIterator($first,$finish,undef,0,0);
+ if (ref($it)) {
+ my $res;
+ while ($res = $it->next(undef,1)) {
+ next unless (ref($res));
+ my $symb = $res->symb();
+ next if (($symb eq $mapsymb) || ($symb eq ''));
+ @interval=&EXT("resource.0.interval",$symb);
+ if ($interval[1] eq 'map') {
+ if ($res->answerable()) {
+ push(@to_test,$res);
+ last;
+ }
+ }
}
}
}
@@ -8588,17 +8650,23 @@ sub get_commblock_resources {
}
sub has_comm_blocking {
- my ($priv,$symb,$uri,$blocks) = @_;
+ my ($priv,$symb,$uri,$ignoresymbdb,$noenccheck,$blocked,$blocks) = @_;
my @blockers;
return unless ($env{'request.course.id'});
return unless ($priv eq 'bre');
return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
return if ($env{'request.state'} eq 'construct');
- &load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
- return unless (keys(%cachedblockers) > 0);
+ my %blockinfo;
+ if (ref($blocks) eq 'HASH') {
+ %blockinfo = &get_commblock_resources($blocks);
+ } else {
+ &load_all_blockers($env{'user.name'},$env{'user.domain'});
+ %blockinfo = %cachedblockers;
+ }
+ return unless (keys(%blockinfo) > 0);
my (%possibles,@symbs);
if (!$symb) {
- $symb = &symbread($uri,1,1,1,\%possibles);
+ $symb = &symbread($uri,1,1,1,\%possibles,$ignoresymbdb,$noenccheck);
}
if ($symb) {
@symbs = ($symb);
@@ -8609,34 +8677,38 @@ sub has_comm_blocking {
foreach my $symb (@symbs) {
last if ($noblock);
my ($map,$resid,$resurl)=&decode_symb($symb);
- foreach my $block (keys(%cachedblockers)) {
+ foreach my $block (keys(%blockinfo)) {
if ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;
- if (($item eq $map) || ($item eq $symb)) {
- $noblock = 1;
- last;
+ unless ($blocked) {
+ if (($item eq $map) || ($item eq $symb)) {
+ $noblock = 1;
+ last;
+ }
}
}
- if (ref($cachedblockers{$block}) eq 'HASH') {
- if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
- if ($cachedblockers{$block}{'resources'}{$symb}) {
+ if (ref($blockinfo{$block}) eq 'HASH') {
+ if (ref($blockinfo{$block}{'resources'}) eq 'HASH') {
+ if ($blockinfo{$block}{'resources'}{$symb}) {
unless (grep(/^\Q$block\E$/,@blockers)) {
push(@blockers,$block);
}
}
}
- }
- if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
- if ($cachedblockers{$block}{'maps'}{$map}) {
- unless (grep(/^\Q$block\E$/,@blockers)) {
- push(@blockers,$block);
+ if (ref($blockinfo{$block}{'maps'}) eq 'HASH') {
+ if ($blockinfo{$block}{'maps'}{$map}) {
+ unless (grep(/^\Q$block\E$/,@blockers)) {
+ push(@blockers,$block);
+ }
}
}
}
}
}
- return if ($noblock);
- return @blockers;
+ unless ($noblock) {
+ return @blockers;
+ }
+ return;
}
}
@@ -9034,6 +9106,25 @@ sub auto_validate_instcode {
return ($outcome,$description,$defaultcredits);
}
+sub auto_validate_inst_crosslist {
+ my ($cnum,$cdom,$instcode,$inst_xlist,$coowner) = @_;
+ my ($homeserver,$response);
+ if (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/)) {
+ $homeserver = &homeserver($cnum,$cdom);
+ }
+ if (!defined($homeserver)) {
+ if ($cdom =~ /^$match_domain$/) {
+ $homeserver = &domain($cdom,'primary');
+ }
+ }
+ unless (($homeserver eq '') || ($homeserver eq 'no_host')) {
+ $response=&reply('autovalidateinstcrosslist:'.$cdom.':'.
+ &escape($instcode).':'.&escape($inst_xlist).':'.
+ &escape($coowner),$homeserver);
+ }
+ return $response;
+}
+
sub auto_create_password {
my ($cnum,$cdom,$authparam,$udom) = @_;
my ($homeserver,$response);
@@ -9305,6 +9396,38 @@ sub auto_validate_class_sec {
return $response;
}
+sub auto_instsec_reformat {
+ my ($cdom,$action,$instsecref) = @_;
+ return unless(($action eq 'clutter') || ($action eq 'declutter'));
+ my @homeservers;
+ if (defined(&domain($cdom,'primary'))) {
+ push(@homeservers,&domain($cdom,'primary'));
+ } else {
+ my %servers = &get_servers($cdom,'library');
+ foreach my $tryserver (keys(%servers)) {
+ if (!grep(/^\Q$tryserver\E$/,@homeservers)) {
+ push(@homeservers,$tryserver);
+ }
+ }
+ }
+ my $response;
+ my %reformatted = %{$instsecref};
+ foreach my $server (@homeservers) {
+ if (ref($instsecref) eq 'HASH') {
+ my $info = &freeze_escape($instsecref);
+ my $response=&reply('autoinstsecreformat:'.$cdom.':'.
+ $action.':'.$info,$server);
+ next if ($response =~ /(con_lost|error|no_such_host|refused|unknown_command)/);
+ my @items = split(/&/,$response);
+ foreach my $item (@items) {
+ my ($key,$value) = split(/=/,$item);
+ $reformatted{&unescape($key)} = &thaw_unescape($value);
+ }
+ }
+ }
+ return %reformatted;
+}
+
sub auto_validate_instclasses {
my ($cdom,$cnum,$owners,$classesref) = @_;
my ($homeserver,%validations);
@@ -9849,11 +9972,23 @@ sub autoupdate_coowners {
if ($domdesign{$cdom.'.autoassign.co-owners'}) {
my %coursehash = &coursedescription($cdom.'_'.$cnum);
my $instcode = $coursehash{'internal.coursecode'};
+ my $xlists = $coursehash{'internal.crosslistings'};
if ($instcode ne '') {
if (($start && $start <= $now) && ($end == 0) || ($end > $now)) {
unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) {
my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners);
my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom);
+ unless ($result eq 'valid') {
+ if ($xlists ne '') {
+ foreach my $xlist (split(',',$xlists)) {
+ my ($inst_crosslist,$lcsec) = split(':',$xlist);
+ $result =
+ &auto_validate_inst_crosslist($cnum,$cdom,$instcode,
+ $inst_crosslist,$uname.':'.$udom);
+ last if ($result eq 'valid');
+ }
+ }
+ }
if ($result eq 'valid') {
if ($coursehash{'internal.co-owners'}) {
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
@@ -9866,18 +10001,16 @@ sub autoupdate_coowners {
} else {
push(@newcoowners,$uname.':'.$udom);
}
- } else {
- if ($coursehash{'internal.co-owners'}) {
- foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
- unless ($coowner eq $uname.':'.$udom) {
- push(@newcoowners,$coowner);
- }
- }
- unless (@newcoowners > 0) {
- $delcoowners = 1;
- $coowners = '';
+ } elsif ($coursehash{'internal.co-owners'}) {
+ foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
+ unless ($coowner eq $uname.':'.$udom) {
+ push(@newcoowners,$coowner);
}
}
+ unless (@newcoowners > 0) {
+ $delcoowners = 1;
+ $coowners = '';
+ }
}
if (@newcoowners || $delcoowners) {
&store_coowners($cdom,$cnum,$coursehash{'home'},
@@ -9951,13 +10084,14 @@ sub modifyuserauth {
' in domain '.$env{'request.role.domain'});
my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
&escape($upass),$uhome);
+ my $ip = &get_requestor_ip();
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},
'Authentication changed for '.$udom.', '.$uname.', '.$umode.
- '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+ '(Remote '.$ip.'): '.$reply);
&log($udom,,$uname,$uhome,
'Authentication changed by '.$env{'user.domain'}.', '.
$env{'user.name'}.', '.$umode.
- '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+ '(Remote '.$ip.'): '.$reply);
unless ($reply eq 'ok') {
&logthis('Authentication mode error: '.$reply);
return 'error: '.$reply;
@@ -10478,7 +10612,7 @@ sub store_userdata {
if (($uhome eq '') || ($uhome eq 'no_host')) {
$result = 'error: no_host';
} else {
- $storehash->{'ip'} = $ENV{'REMOTE_ADDR'};
+ $storehash->{'ip'} = &get_requestor_ip();
$storehash->{'host'} = $perlvar{'lonHostID'};
my $namevalue='';
@@ -11322,42 +11456,47 @@ sub resdata {
}
if (!ref($result)) { return $result; }
foreach my $item (@which) {
- if (ref($item) eq 'ARRAY') {
- if (defined($result->{$item->[0]})) {
- return [$result->{$item->[0]},$item->[1]];
- }
+ if (defined($result->{$item->[0]})) {
+ return [$result->{$item->[0]},$item->[1]];
}
}
return undef;
}
-sub get_domain_ltitools {
- my ($cdom) = @_;
- my %ltitools;
- my ($result,$cached)=&is_cached_new('ltitools',$cdom);
+sub get_domain_lti {
+ my ($cdom,$context) = @_;
+ my ($name,%lti);
+ if ($context eq 'consumer') {
+ $name = 'ltitools';
+ } elsif ($context eq 'provider') {
+ $name = 'lti';
+ } else {
+ return %lti;
+ }
+ my ($result,$cached)=&is_cached_new($name,$cdom);
if (defined($cached)) {
if (ref($result) eq 'HASH') {
- %ltitools = %{$result};
+ %lti = %{$result};
}
} else {
- my %domconfig = &get_dom('configuration',['ltitools'],$cdom);
- if (ref($domconfig{'ltitools'}) eq 'HASH') {
- %ltitools = %{$domconfig{'ltitools'}};
- my %encdomconfig = &get_dom('encconfig',['ltitools'],$cdom);
- if (ref($encdomconfig{'ltitools'}) eq 'HASH') {
- foreach my $id (keys(%ltitools)) {
- if (ref($encdomconfig{'ltitools'}{$id}) eq 'HASH') {
+ my %domconfig = &get_dom('configuration',[$name],$cdom);
+ if (ref($domconfig{$name}) eq 'HASH') {
+ %lti = %{$domconfig{$name}};
+ my %encdomconfig = &get_dom('encconfig',[$name],$cdom);
+ if (ref($encdomconfig{$name}) eq 'HASH') {
+ foreach my $id (keys(%lti)) {
+ if (ref($encdomconfig{$name}{$id}) eq 'HASH') {
foreach my $item ('key','secret') {
- $ltitools{$id}{$item} = $encdomconfig{'ltitools'}{$id}{$item};
+ $lti{$id}{$item} = $encdomconfig{$name}{$id}{$item};
}
}
}
}
}
my $cachetime = 24*60*60;
- &do_cache_new('ltitools',$cdom,\%ltitools,$cachetime);
+ &do_cache_new($name,$cdom,\%lti,$cachetime);
}
- return %ltitools;
+ return %lti;
}
sub get_numsuppfiles {
@@ -12511,13 +12650,16 @@ sub deversion {
# ------------------------------------------------------ Return symb list entry
sub symbread {
- my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
+ my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles,
+ $ignoresymbdb,$noenccheck)=@_;
my $cache_str='request.symbread.cached.'.$thisfn;
if (defined($env{$cache_str})) {
- if ($ignorecachednull) {
- return $env{$cache_str} unless ($env{$cache_str} eq '');
- } else {
- return $env{$cache_str};
+ unless (ref($possibles) eq 'HASH') {
+ if ($ignorecachednull) {
+ return $env{$cache_str} unless ($env{$cache_str} eq '');
+ } else {
+ return $env{$cache_str};
+ }
}
}
# no filename provided? try from environment
@@ -12546,10 +12688,18 @@ sub symbread {
if ($targetfn =~ m|^adm/wrapper/(ext/.*)|) {
$targetfn=$1;
}
- if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
- &GDBM_READER(),0640)) {
- $syval=$hash{$targetfn};
- untie(%hash);
+ unless ($ignoresymbdb) {
+ if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
+ &GDBM_READER(),0640)) {
+ $syval=$hash{$targetfn};
+ untie(%hash);
+ }
+ if ($syval && $checkforblock) {
+ my @blockers = &has_comm_blocking('bre',$syval,$thisfn,$ignoresymbdb,$noenccheck);
+ if (@blockers) {
+ $syval='';
+ }
+ }
}
# ---------------------------------------------------------- There was an entry
if ($syval) {
@@ -12582,13 +12732,18 @@ sub symbread {
$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);
if (ref($possibles) eq 'HASH') {
- $possibles->{$syval} = 1;
+ unless ($bighash{'randomout_'.$ids} || $env{'request.role.adv'}) {
+ $possibles->{$syval} = 1;
+ }
}
if ($checkforblock) {
- my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
- if (@blockers) {
- $syval = '';
- return;
+ unless ($bighash{'randomout_'.$ids} || $env{'request.role.adv'}) {
+ my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids},'',$noenccheck);
+ if (@blockers) {
+ $syval = '';
+ untie(%bighash);
+ return $env{$cache_str}='';
+ }
}
}
} elsif ((!$donotrecurse) || ($checkforblock) || (ref($possibles) eq 'HASH')) {
@@ -12607,12 +12762,13 @@ sub symbread {
if ($bighash{'map_type_'.$mapid} ne 'page') {
my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);
- if (ref($possibles) eq 'HASH') {
- $possibles->{$syval} = 1;
- }
+ next if ($bighash{'randomout_'.$id} && !$env{'request.role.adv'});
+ next unless (($noenccheck) || ($bighash{'encrypted_'.$id} eq $env{'request.enc'}));
if ($checkforblock) {
- my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
- unless (@blockers > 0) {
+ my @blockers = &has_comm_blocking('bre',$poss_syval,$file,'',$noenccheck);
+ if (@blockers > 0) {
+ $syval = '';
+ } else {
$syval = $poss_syval;
$realpossible++;
}
@@ -12620,6 +12776,11 @@ sub symbread {
$syval = $poss_syval;
$realpossible++;
}
+ if ($syval) {
+ if (ref($possibles) eq 'HASH') {
+ $possibles->{$syval} = 1;
+ }
+ }
}
}
}
@@ -13361,9 +13522,12 @@ sub default_login_domain {
}
sub shared_institution {
- my ($dom) = @_;
+ my ($dom,$lonhost) = @_;
+ if ($lonhost eq '') {
+ $lonhost = $perlvar{'lonHostID'};
+ }
my $same_intdom;
- my $hostintdom = &internet_dom($perlvar{'lonHostID'});
+ my $hostintdom = &internet_dom($lonhost);
if ($hostintdom ne '') {
my %iphost = &get_iphost();
my $primary_id = &domain($dom,'primary');
@@ -13420,6 +13584,17 @@ sub uses_sts {
return;
}
+sub get_requestor_ip {
+ my ($r,$nolookup,$noproxy) = @_;
+ my $from_ip;
+ if (ref($r)) {
+ $from_ip = $r->get_remote_host($nolookup);
+ } else {
+ $from_ip = $ENV{'REMOTE_ADDR'};
+ }
+ return $from_ip;
+}
+
# ------------------------------------------------------------- Declutters URLs
sub declutter {